cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
828
Views
5
Helpful
5
Replies

SSL Version

Stel Vlach
Level 1
Level 1

SSL developers just announced that they will release two updates tomorrow which will patch a high severity vulnerability. How am I able to check the SSL ver that my Cisco units use for https management ?

Thanks in advance.

5 Replies 5

Seb Rupik
VIP Alumni
VIP Alumni

Hi Stel,

Take a look at my answer here:

 

https://supportforums.cisco.com/discussion/12377606/how-check-if-3750-switch-using-sslv3

 

cheers,

Seb.

Hello Seb

Thanks for your reply. Didn't posted my question clear. I am looking for the openssl ver. used. Does the nmap works as well ?

I think that will be hard to determine without asking TAC. You could take a look here:

http://tools.cisco.com/security/center/publicationListing.x

 

..in particular:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150320-openssl

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl

 

Doing a bit of cross referencing between the CVEs mentioned in the updates and the software version you are running (assuming it is listed as vulnerable) you should be able to determine what version of openSSL the patched software contains to include the fix.

 

Hope that helps.

 

cheers,

Seb.

Think I found a better way (not so easy though). 

Initially the IOS version is necessary. Then you should visit the Cisco downloads section and seek downloads for the image. The easiest way is to type the model’s part no. and then select the download tabs in the results. Finally you get a page with the final release and a list of all releases. After you find the exact image there is a link about Release Notes and Open Source Documentation. There you can find licensing and version info about openssl in cisco appliances

Ahah, much more accurate than my method, good find!